3068 matches found
PT-2026-28268
Insertion of Sensitive Information into Log File vulnerability in the SCIM Driver module in OpenText IDM Driver and Extensions on Windows, Linux, 64 bit allows authenticated local users to obtain sensitive information via access to log files. This issue affects IDM SCIM Driver: 1.0.0.0000 through...
EUVD-2025-209038
IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files...
CVE-2025-36187
IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5,1.2, 5.1.3, 5.2.0, 5.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...
CVE-2025-14684
IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files...
CVE-2025-36187
IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5,1.2, 5.1.3, 5.2.0, 5.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...
CVE-2025-36187 Multiple Security vulnerabilities affecting IBM Knowledge Catalog Standard Cartridge
IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5,1.2, 5.1.3, 5.2.0, 5.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...
CVE-2025-14684
IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files...
PT-2026-28132
Name of the Vulnerable Software and Affected Versions IBM Knowledge Catalog Standard Cartridge versions 5.0.0 through 5.0.3 IBM Knowledge Catalog Standard Cartridge versions 5.1 through 5.1.3 IBM Knowledge Catalog Standard Cartridge versions 5.2.0 through 5.2.1 Description The software stores...
VMware Cloud Foundation SDDC Manager Information Disclosure (VMSA-2022-0003)
The remote host is running a version of VMware Cloud Foundation prior to 3.11 or prior to 4.3.1.1. It is, therefore, affected by an information disclosure vulnerability: - VMware Cloud Foundation contains an information disclosure vulnerability due to the logging of credentials in plain-text with...
SAP NetWeaver AS ABAP Missing Authorization Check (3704740)
The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by a missing authorization check vulnerability as referenced in the SAP Security Patch Day March 2026: - Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticat...
CVE-2026-27688
Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker with user privileges could read Database Analyzer Log Files via a specific RFC function module. The attacker with the necessary privileges to execute this function module could potentially...
Lenovo Filez 安全漏洞
Lenovo Filez is an enterprise cloud storage service provided by Lenovo Corporation. Lenovo FileZ has a security vulnerability, which stems from the possibility for locally authenticated users under certain conditions to retrieve sensitive data stored in log files...
CVE-2026-31817
OliveTin gives access to predefined shell commands from a web interface. Prior to 3000.11.2, when the saveLogs feature is enabled, OliveTin persists execution log entries to disk. The filename used for these log files is constructed in part from the user-supplied UniqueTrackingId field in the...
CVE-2026-31817 OliveTin's unsafe parsing of UniqueTrackingId can be used to write files
OliveTin gives access to predefined shell commands from a web interface. Prior to 3000.11.2, when the saveLogs feature is enabled, OliveTin persists execution log entries to disk. The filename used for these log files is constructed in part from the user-supplied UniqueTrackingId field in the...
EUVD-2026-10463
Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker with user privileges could read Database Analyzer Log Files via a specific RFC function module. The attacker with the necessary privileges to execute this function module could potentially...
CVE-2026-27688 Missing Authorization check in SAP NetWeaver Application Server for ABAP
Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker with user privileges could read Database Analyzer Log Files via a specific RFC function module. The attacker with the necessary privileges to execute this function module could potentially...
PT-2026-24164
Name of the Vulnerable Software and Affected Versions SAP NetWeaver Application Server for ABAP affected versions not specified Description An authenticated attacker with user privileges may be able to read Database Analyzer Log Files due to a missing authorization check within a specific RFC...
CVE-2025-70040
An issue pertaining to CWE-532: Insertion of Sensitive Information into Log File was discovered in LupinLin1 jimeng-web-mcp v2.1.2. This allows an attacker to obtain sensitive information...
Cryptomator 安全漏洞
Cryptomator is a simple digital self-defense tool from the Cryptomator community. It is used to protect data. Versions of Cryptomator prior to 1.19.0 have security vulnerabilities; these vulnerabilities stem from the possibility of leaking plaintext paths into log files, which could lead to...
EUVD-2026-9313
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to writing of sensitive Information in a log file...